<?php
$xtpl = new XTemplate("modules/home/main.htm");
if(count($_POST) > 0){
	$username = (isset($_POST['username']))? $_POST['username']:"";
	$username = trim($username);
	$password = (isset($_POST['password']))? $_POST['password']:"";
	$password = trim($password);
	//--
	$sql="SELECT * FROM ".$DP."admin WHERE (admin_username='".$username."') AND (admin_password='".md5($password)."')";	
	$rs = mysql_query($sql);
	//--
	if(mysql_num_rows($rs)>0){
		$row = mysql_fetch_array(mysql_query($sql));
		//-- session admin id
		$ses_admin_id = $row[admin_id];
		$_SESSION['ses_admin_id'] =  $ses_admin_id;
		mysql_query("UPDATE {$DP}admin SET last_login = NOW() WHERE admin_id = '{$row['admin_id']}'");
		//--
		$GUI->redir('?mod=home');
	}elseif(mysql_num_rows($rs)==0){
		$msg = "Invalid username or password!";
	}
}
//--
$xtpl->assign("msg",$msg);
?>